CERTFR-2022-AVI-328
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Schneider Electric | N/A | Modicon M262 Logic Controllers versions antérieures à V5.1.6.1 | ||
| Schneider Electric | N/A | MiCOM C264 versions antérieures à B5.118, D1.92, D4.38, D5.25I et D6.18 | ||
| Schneider Electric | N/A | PowerLogic ION7400 versions antérieures à 3.1.0 | ||
| Schneider Electric | N/A | EPC2000 toutes versions | ||
| Schneider Electric | N/A | EPack toutes versions | ||
| N/A | N/A | Easy Harmony GXU (gamme HMIGXU) Vijeo Designer Basic versions antérieures à 1.2.1 | ||
| Schneider Electric | N/A | nanodac versions antérieures à 10.02 | ||
| N/A | N/A | Versadac toutes versions | ||
| Schneider Electric | N/A | BMXNOR0200H RTU toutes versions | ||
| Schneider Electric | N/A | EPC3000 versions antérieures à V5.20 | ||
| Schneider Electric | N/A | Modicon M241/M251 Logic Controllers versions antérieures à V5.1.9.34 | ||
| Schneider Electric | N/A | SAGE RTU CPU C3414 version antérieures à C3414-500-S02K5_P5 de SAGE RTU CPU3414 | ||
| Schneider Electric | N/A | BMXNOE0100 (H) toutes versions | ||
| N/A | N/A | JACE-8000 versions antérieures à Niagara 4.10u1 | ||
| Schneider Electric | N/A | BMENOC0321, BMENOC0301, BMENOC0311, BMENOS0300 toutes versions | ||
| Schneider Electric | N/A | 6100A, 6180A, 6100XIO, 6180XIO, AeroDAQ toutes versions | ||
| Schneider Electric | N/A | Eurotherm E+PLC100 toutes versions | ||
| N/A | N/A | SCD6000 Industrial RTU versions antérieures à SY-1101207, et N de SCD6000 | ||
| Schneider Electric | N/A | Pro-face SP-5B00, SP-5B10, SP-5B90, gamme ST6000 (modèle GP-ProEX), gamme ET6000 versions antérieures à V4.09.350 | ||
| Schneider Electric | N/A | Momentum MDI (171CBU*), MC80 (BMKC8*), HART (BMEAH*),V1.50 toutes versions | ||
| N/A | N/A | BMECRA31210, BMXCRA31200, BMXCRA31210, 140CRA31200, 140CRA31908 toutes versions | ||
| Schneider Electric | N/A | BMXNOE0100, BMXNOE0110, BMXNGD0100, BMXNOC0401 toutes versions | ||
| Schneider Electric | N/A | Easergy MiCOM P40 toutes versions | ||
| N/A | N/A | Modicon M258/LMC058 Logic Controllers versions antérieures à 5.0.4.18 | ||
| Schneider Electric | N/A | Modicon Quantum CPU et Communication Modules toutes versions | ||
| N/A | N/A | Modicon Premium CPU et Communication Modules toutes versions | ||
| N/A | N/A | Easergy MiCOM P30 versions 660 à 674 | ||
| Schneider Electric | N/A | PowerLogic ION9000 versions antérieures à 3.1.0 | ||
| Schneider Electric | N/A | Easergy C5x (C52/C53) versions antérieures à 1.0.5 | ||
| Schneider Electric | N/A | gammes HMISTO et HMISTU/S5T toutes versions | ||
| Schneider Electric | N/A | PacDrive Eco/Pro/Pro2 Logic Controllers versions antérieures à V1.66.5.1 | ||
| Schneider Electric | N/A | Easergy P5 versions antérieures à 01.401.101 | ||
| Schneider Electric | N/A | CPU Modicon M580 (BMEP* et BMEH*), BMXNOM0200 toutes versions | ||
| N/A | N/A | BMXNOE0110 (H) toutes versions | ||
| Schneider Electric | N/A | Gammes Pro-face GP4000, LT4000M et GP4000H toutes versions | ||
| Schneider Electric | N/A | TCSEGPA23F14F, BMECXM0100 toutes versions | ||
| N/A | N/A | HMISCU Vijeo Designer versions V6.2SP11 et antérieures | ||
| N/A | N/A | PowerLogic PM8000 versions antérieures à 3.1.0 | ||
| N/A | N/A | PacDrive M toutes versions | ||
| N/A | N/A | Easy Harmony ET6 (gamme HMIET) Vijeo Designer Basic versions antérieures à 1.2.1 | ||
| N/A | N/A | Momentum ENT (170ENT11*) toutes versions | ||
| N/A | N/A | Gammes Pro-face GP4100, GP4000E et GP4000M toutes versions | ||
| Schneider Electric | N/A | BMXNOM0200 toutes versions | ||
| N/A | N/A | IGSS Data Server versions antérieures à 15.0.0.22074 | ||
| N/A | N/A | BMENOP0300, BMXNOR0200 toutes versions | ||
| Schneider Electric | N/A | Modicon LMC078 toutes versions | ||
| Schneider Electric | N/A | Harmony/ Magelis, gammes HMIGTU, HMIGTUX et HMIGK versions antérieures à 6.2 SP11 Multi HotFix 4 | ||
| Schneider Electric | Modicon M340 | Modicon M340 versions antérieures à 3.50 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Modicon M262 Logic Controllers versions ant\u00e9rieures \u00e0 V5.1.6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "MiCOM C264 versions ant\u00e9rieures \u00e0 B5.118, D1.92, D4.38, D5.25I et D6.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "PowerLogic ION7400 versions ant\u00e9rieures \u00e0 3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EPC2000 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EPack toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Easy Harmony GXU (gamme HMIGXU) Vijeo Designer Basic versions ant\u00e9rieures \u00e0 1.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "nanodac versions ant\u00e9rieures \u00e0 10.02",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Versadac toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BMXNOR0200H RTU toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EPC3000 versions ant\u00e9rieures \u00e0 V5.20",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M241/M251 Logic Controllers versions ant\u00e9rieures \u00e0 V5.1.9.34",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "SAGE RTU CPU C3414 version ant\u00e9rieures \u00e0 C3414-500-S02K5_P5 de SAGE RTU CPU3414",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "BMXNOE0100 (H) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "JACE-8000 versions ant\u00e9rieures \u00e0 Niagara 4.10u1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BMENOC0321, BMENOC0301, BMENOC0311, BMENOS0300 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "6100A, 6180A, 6100XIO, 6180XIO, AeroDAQ toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Eurotherm E+PLC100 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "SCD6000 Industrial RTU versions ant\u00e9rieures \u00e0 SY-1101207, et N de SCD6000",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Pro-face SP-5B00, SP-5B10, SP-5B90, gamme ST6000 (mod\u00e8le GP-ProEX), gamme ET6000 versions ant\u00e9rieures \u00e0 V4.09.350",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Momentum MDI (171CBU*), MC80 (BMKC8*), HART (BMEAH*),V1.50 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "BMECRA31210, BMXCRA31200, BMXCRA31210, 140CRA31200, 140CRA31908 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BMXNOE0100, BMXNOE0110, BMXNGD0100, BMXNOC0401 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Easergy MiCOM P40 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M258/LMC058 Logic Controllers versions ant\u00e9rieures \u00e0 5.0.4.18",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon Quantum CPU et Communication Modules toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon Premium CPU et Communication Modules toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Easergy MiCOM P30 versions 660 \u00e0 674",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic ION9000 versions ant\u00e9rieures \u00e0 3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Easergy C5x (C52/C53) versions ant\u00e9rieures \u00e0 1.0.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "gammes HMISTO et HMISTU/S5T toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "PacDrive Eco/Pro/Pro2 Logic Controllers versions ant\u00e9rieures \u00e0 V1.66.5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Easergy P5 versions ant\u00e9rieures \u00e0 01.401.101",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "CPU Modicon M580 (BMEP* et BMEH*), BMXNOM0200 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "BMXNOE0110 (H) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Gammes Pro-face GP4000, LT4000M et GP4000H toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "TCSEGPA23F14F, BMECXM0100 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "HMISCU Vijeo Designer versions V6.2SP11 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic PM8000 versions ant\u00e9rieures \u00e0 3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PacDrive M toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Easy Harmony ET6 (gamme HMIET) Vijeo Designer Basic versions ant\u00e9rieures \u00e0 1.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Momentum ENT (170ENT11*) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Gammes Pro-face GP4100, GP4000E et GP4000M toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BMXNOM0200 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "IGSS Data Server versions ant\u00e9rieures \u00e0 15.0.0.22074",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BMENOP0300, BMXNOR0200 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon LMC078 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Harmony/ Magelis, gammes HMIGTU, HMIGTUX et HMIGK versions ant\u00e9rieures \u00e0 6.2 SP11 Multi HotFix 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 versions ant\u00e9rieures \u00e0 3.50",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2021-22156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22156"
},
{
"name": "CVE-2022-0222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0222"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2022-24324",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24324"
}
],
"initial_release_date": "2022-04-12T00:00:00",
"last_revision_date": "2022-04-12T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-328",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-102-02 du 12 avril 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-102-02_Modicon_M340_Controller_and_Communication_Modules_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-102-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-102-01 du 12 avril 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-102-01_IGSS_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-102-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 09 novembre 2021 mis \u00e0 jour le 12 avril 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V6.0.pdf\u0026p_Doc_Ref=SEVD-2021-313-05"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…